Nick Hayes' Blog

Facebook made headlines last Friday with its announcement that it had been the victim of a sophisticated security attack. All major news publications picked up the story, citing widespread concern about the implications of the breach.

The breach itself, however, was largely a nonevent from a security standpoint.

Facebook identified the security breach before it infiltrated too deeply into company systems, remediated all compromised machines, informed law enforcement, and reported the Java exploit to its parent owner Oracle – acting quickly and appropriately. Most importantly, Facebook made it clear that the breach did not expose any of its users’ data.